package com.ffms.filter; /**
 * @author 从卿
 * @create 2022/3/19-9:31
 */

import javax.servlet.*;
import javax.servlet.annotation.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;

//拦截登录
@WebFilter("/*")
public class LoginFilter implements Filter {
    public void init(FilterConfig config) throws ServletException {
    }

    public void destroy() {
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException {
        //进行强制转换
        HttpServletRequest req = (HttpServletRequest) request;
        //获取资源请求路径
        String uri = req.getRequestURI();
        //进行判断：是否存在与登录相关的资源请求路径
        if (uri.contains("/login.jsp") || uri.contains("/LoginServlet") || uri.contains("/css/") || uri.contains("/images/") || uri.contains("/js/")||
                uri.contains("/updatePwd.jsp")|| uri.contains("/adminAdd.jsp")|| uri.contains("/AddAdminServlet")
                || uri.contains("/UpdatePwdServlet")) {
            //放行
            chain.doFilter(request, response);
        }else{
            //不包含，需要验证用户是否进行了登录
            //从session获取user
            Object user = req.getSession().getAttribute("user");
            if(user!=null){
              //说明已经登录，放行
                chain.doFilter(request, response);
            }else {
                //没有登录，跳转至登录界面
                req.setAttribute("login_error","您尚未登录，请进行登录");
                req.getRequestDispatcher("/login.jsp").forward(req,response);

            }


        }


    }
}
